NOS News••Changed
One of the biggest botnets in the world, Qakbot, has been neutralized through police actions in several countries, including the Netherlands. The police and the Prosecutor’s Office have this together announced.
Qakbot consists of more than 700,000 infected computers worldwide malware, malware software that allows criminals to gain unwitting access to the computer. The resulting network allows them to steal data from large companies or organizations and then release it for a fee. In this way, Qakbot has caused hundreds of millions of euros in losses to companies and government agencies since 2008.
Phishing
The Qakbot (pronounced ‘quackbot’) network, also known as Qbot and Pinkslipbot, spreads primarily through phishing email: emails asking users to open a compromised attachment, such as a Word document or PDF file. The malware is then able to implant itself on the victim’s computer and then spread again.
On the night of last Friday to Saturday, police forces working together in the United States, Britain, Romania, Lithuania, France, Germany and the Netherlands succeeded in breaking into the network and removing malware from infected computers. In the Netherlands, 22 computer servers were confiscated from where the software was distributed, according to the Public Prosecutor.
What makes Qakbot special is the fact that the network has been around for a long time, said cybersecurity expert Dave Maasland. “And it seems that until now this network has not been able to be stopped.” Once infected, computers are used for various types of cybercrime, he said: not just for ransomware (holding data hostage from large organizations), but also stealing data from individuals, such as access to bank accounts. The data is then resold through online marketplaces.
“Also interesting and special,” Maasland added, “the FBI automatically disinfected the computers of 700,000 infected systems. It is truly unique on this scale.”
Duck Hunting
It is not known whether anyone was arrested in the police operation dubbed ‘Duck Hunt’. However, the US Department of Justice, which coordinated the action, has seized approximately $8.6 million in cryptocurrency.
According to Maasland, taking down Qakbot was an important blow in the fight against global cybercrime, comparable to ‘Operation Cookie Monster’ earlier this year. “But if the people behind it are not caught, they can start building such a network again. It will take time, but it will be quite profitable.” The problem is, perpetrators often operate in countries that do not extradite their citizens, such as Russia.
In this action, the Dutch police stated that they had traced around 7.6 billion sensitive computer user data (such as email addresses or passwords), which was part of the network. Through ‘Check Your Hack’ Users can find out for themselves whether they have been a victim.
“Coffee trailblazer. Analyst. General music geek. Bacon maven. Devoted organizer. Incurable internet ninja. Entrepreneur.”